sponsor content What's this?
From multi-domain operations to coalition-led exercises, the modern battlespace requires a seamless data exchange despite unpredictable conditions. Defense organizations must establish an integrated security strategy that protects critical information while still empowering real-time collaboration among troops, allied partners, and remote command centers — even when networks falter.
This requires validating every user and device on the fly, applying granular data controls to protect sensitive intel and deploying AI-driven threat detection to spot anomalies before they become full-blown incidents. These capabilities keep forces focused on decisive action while adaptive policy enforcement helps maintain operational fluidity in a shifting environment.
While unpredictability is a constant, the source of that unpredictability is heavily dependent on the environment. INDOPACOM missions, for example, in which partners are separated by vast bodies of water, must contend with the tyranny of distance as they manage air, ground and naval assets, often among partners who speak a variety of different languages. In the high north, challenges include bandwidth that is increasingly diminished the higher the mission moves. Meanwhile, all locations face the threat of cyberattack and electronic warfare.
Not only must missions be completed in spite of varying challenges, but time is of the essence. The goal is fast, efficient data and information exchange to support evidence-based decision-making, while shortening the decision chain. It’s a delicate balancing act that is “not even three-dimensional chess, it's four-dimensional chess,” said John Sahlin, vice president of cyber solutions at General Dynamics Information Technology and the lead for the company’s Everest Zero Trust solution.
Consider a situation that requires calling in fire for effect — troops on the ground need air or naval support — and an international mission partner is the closest asset with the right capabilities to provide it.
“I need to make sure that I can share data with those international mission partners, which means I have to ensure that not only is that message prioritized, but that it's tagged appropriately, and that I have access to the systems I need to get that message over to our international partners in time to provide support,” Sahlin said.
To bring advanced capabilities to bear for data at the edge, GDIT and Amazon Web Services (AWS) partnered on DOGMA, or Defense Operations Grid-Mesh Accelerator. The AI-powered tool optimizes the transfer of data along the volatile “first mile” nearest to the tactical edge and then, once it reaches the closest AWS availability zone, routes it to the cloud via commercial pathways.
“Speeding the transfer of data, and getting the right information to the right people at the right time is crucial,” said Adam Hesch, lead solutions architect for global defense partners, at AWS Worldwide Public Sector. “AI capabilities, like those in AWS CEGA (Cloud Edge Global Access), can help provide reliability in contested environments, selecting the optimal path to bring mission-critical data to the point where it can securely and seamlessly travel back to the cloud.”
Data sharing in these environments is not as simple as maximizing speed at all costs. Data must balance speed while optimizing along three dimensions: confidentiality, integrity and availability. The catch is that the ideal formula is not the same for every mission. What is consistent across missions is that mission leaders at the tactical edge must be able to adjust the optimization formula based on needs in the moment.
Achieving adaptability while navigating uncertainty at the edge depends on several key capabilities:
- Validating users and devices on the fly: Both devices and users must be validated, and quickly. Though requirements vary between the two, both require a robust zero trust approach that goes beyond basic identity to characterization of behavior. Is the individual or device exhibiting expected behavior? While anomalous behavior does not inherently indicate something nefarious, it does mean that device or user can no longer be trusted until further analysis.
- Granular data controls: A zero trust approach means securing and controlling access to data at a granular level, but it’s not just about locking down the data. In unpredictable environments that often come with low bandwidth, sending only the information that is truly needed saves time over sending large quantities of superfluous data.
Moreover, granular data controls also enable dynamic risk management throughout a given operation or time frame. While there may be a broad sharing agreement for an operation, there may also be situations within that require more limited data distribution. Alternatively, if an endpoint, such as a remotely piloted vehicle, becomes compromised, not only can the vehicle be bricked, but also the data itself at object levels. - Adaptive access rights management and policy enforcement: “At the end of the day, we have to get the mission done,” Sahlin said. “And if we don't provide clear guidance and guardrails for how to make decisions in theater, it's going to be very difficult to enforce that level of granularity.” A dynamic security architecture like zero trust enables the adaptability and flexibility to securely evolve the original mission plan in real-time.
To further support zero trust access and cybersecurity at the edge, GDIT and Ping Identity are building on learnings at the most recent Talisman Sabre defense exercise in the INDOPACOM region to fine-tune access and control. Sharing information in such transnational operations or with nonstandard partners only brings further complexity to the identity and access management space.
“Identity is at the core of safe, secure and efficient digital experiences for all organizations, and our military is no exception,” said Loren Russon, senior vice president of product and technology, at Ping Identity. “In quickly evolving situations, mission leaders need the ability to modify access controls in the moment.”
As artificial intelligence (AI) and machine learning (ML) become increasingly integrated into all parts of government, they have the potential to play a critical role in supporting zero trust and seamless data sharing at the edge. Identifying those user and device behavioral anomalies, for example, is a key use case.
“People talk about advanced persistent threat actors as looking for a needle in a haystack,” Sahlin said. “But it's more like looking for that one magenta-colored needle in a stack of 100,000 needles that range from hot pink to brick red.”
That is a monumentally difficult task for human analysts, but AI/ML tools are well-equipped to differentiate between those extremely small nuances and elevate them to humans to assess. AI/ML tools also offer advantages in assisting and enabling classification of data. Optimal data sharing depends on maximizing how broadly data can be shared while still maintaining the necessary level of security for that particular data.
When humans classify data, they tend to err on the side of caution — no one wants to be responsible for a catastrophic data breach due to under-classification. Machines take human emotion out of the equation. To properly leverage these AI/ML tools, however, clarity is essential.
“This is a complex environment, and the AI engine has to have the transparency to show the homework, to show the math of how it got there,” Sahlin said.
As defense leaders look to further incorporate zero trust strategies and AI/ML solutions to support data sharing at the edge, industry partnerships are critical. These partnerships help bring emerging capabilities into real-world mission environments, ensuring they are both effective and adaptable to operational needs.
Policy leaders are increasingly recognizing the operational value of emerging technologies and refining standards to ensure these advancements are effectively integrated into mission critical operations. The focus is not just on security, but on enabling warfighters to make faster, data-driven decisions in dynamic battlespaces.
“We are all about executing the mission — what is the mission value of the technology?” Sahlin said. “It’s not just about bits and bytes, it’s not just about shiny objects, it needs to impact the mission.”
Learn more about how GDIT is leveraging emerging technologies to support seamless data sharing at the edge.
This content is made possible by our sponsor GDIT it is not written by and does not necessarily reflect the views of Defense One editorial staff.
NEXT STORY: Face the Fight®: Coalition Focused on Preventing Veteran Suicide